1. Field of the Invention
This invention relates to deploying iSCSI parameters and more particularly relates to an architecture for securely and remotely deploying iSCSI parameters in a diskless boot environment.
2. Description of the Related Art
Storage area networks or SANs are an important part of maintaining data. Traditionally, storage area networks are comprised of one or more servers connected in a private fiber channel network with one or more data storage devices. Fiber channel networks have physical limitations and other security measures that have ensured data security. Typically, distance limitations have ensured that the servers in communication with the storage devices are close enough that outsiders have not had access to the storage devices.
In typical client computers, a communication protocol called Small Computer System Interface (“SCSI”) is used to communicate with devices such as disk drives. Recently, a new protocol called Internet SCSI (“iSCSI”) is used to allow access to storage area network devices and other computing devices over long distances through local area networks, wide area networks, the Internet, or other similar networks. These networks are often public and typically use the de facto Transmission Control Protocol/Internet Protocol (“TCP/IP”) protocol. Because iSCSI operates on top of TCP/IP and most network traffic on TCP/IP networks can be intercepted by unauthorized users, security is a concern.
Secure communications over an iSCSI network has been addressed using various security measures such as Challenge Handshake Authentication Protocol (“CHAP”), Secure Remote Password (“SRP”), Internet Protocol Security (“IPSec”), digital certificates, and the like. Each security measure has inherent advantages and disadvantages. Most security measures depend on various combinations of authentication and encryption. Encryption relies on encryption keys known to a source and a target which are used to unlock the encryption and allow decryption. Authentication also relies on verification of secure parameters such as a user name and a password at the source and target. Sending sensitive parameters such as encryption keys to clients and servers is a security problem because any sensitive parameters sent over a public network may be intercepted by unauthorized users with access to the public network. A private network inside a building may be more secure than a public network but even for users of a private network there may be private or sensitive material that an employer may wish to protect from employees.
One solution used for computers with a disk or other data storage local to the computer is to deploy the keys and parameters using data storage media. Typically such computers contain a hard disk or other data storage within the chassis of the computer. For example, when iSCSI software is deployed using a CD or other media, the sensitive parameters such as encryption keys may be stored with the software on a data storage device. However, this method requires distribution of physical media, requires a person to install the media on each machine, and requires a means to read the media.
In storage area network systems, recently blade centers and other servers are used that do not have local data storage devices. Data storage devices may be separated from the computers or servers and connected using the storage area network. In storage area networks using iSCSI or a combination of iSCSI and Fiber Channel, the data storage devices may be accessible using iSCSI. This type of arrangement typically requires security measures to prevent unwanted access of the data storage devices, servers, and other devices. However, deploying sensitive parameters to the diskless servers is a problem because transmitting the sensitive parameters over the iSCSI network presents security risks. Since the diskless computers typically have no internal disk or other means to read local removable storage media, the sensitive parameters cannot be loaded via some removable storage media.
One method to load sensitive parameters on a diskless computing device is to physically connect to an input/output (“I/O”) interface of the diskless computing device and then to manually load sensitive parameters to each diskless computing device. The parameters may then be stored with other vital product data in non-volatile memory. Manual loading of sensitive parameter is secure, but is time consuming and requires a person to physically visit each diskless computing device and make a connection to the device. Deploying parameters over a public network, for example by deploying parameters to a Dynamic Host Configuration Protocol (“DHCP”) server which then transmits the parameters to an iSCSI initiator during initialization, allows automation of parameter deployment, but is not secure.
From the foregoing discussion, it should be apparent that a need exists for an apparatus, system, and method to deploy sensitive communication parameters to a diskless computing device. Beneficially, such an apparatus, system, and method would deploy sensitive communication parameters in an extendable data structure to diskless computing devices and servers over a secure connection without passing such sensitive parameters over a public network.